Proper authentication mechanisms are crucial for maintaining the security and integrity of the WP500 Edge Gateway. This section outlines the authentication practices and security measures implemented in the WP500 to ensure robust access control.

Strong Authentication Configuration

The WP500 Edge Gateway employs strong authentication protocols to safeguard access. Users are encouraged to follow the recommended password policy to enhance security:

  • Password Length and Complexity: Use passwords that are at least 8 characters long. Longer passwords, up to 64 characters, are preferred over overly complex ones. Enforce composition rules requiring a mix of letters, numbers, and special characters.
  • Prohibited Passwords: Avoid commonly used, easily guessable, or compromised passwords (e.g., "password," "123456").
  • Passphrases: Encourage the use of passphrases or passwords that are memorable yet uncommon, which can provide a higher level of security.
  • Periodic Changes: Do not mandate periodic password changes unless there is concrete evidence of a compromise.



Two-Factor Authentication (2FA) with TOTP

The WP500 enhances security with Two-Factor Authentication (2FA) using Time-based One-Time Passwords (TOTP). This additional security layer ensures that access requires both something the user knows (their password) and something they have (the TOTP code).

  • TOTP Code Generation: TOTP generates a temporary code, typically accessible via a smartphone app or a hardware token, which refreshes at regular intervals (usually every 30 seconds).
  • Dual Authentication: Users must provide both their regular password and the TOTP code to access the system, thereby significantly reducing the risk of unauthorized access, even if the password is compromised.



Login Captcha

To further enhance security and mitigate automated login attempts, the WP500 incorporates a Captcha on the login page.

  • Captcha Implementation: The Captcha feature differentiates between human users and automated scripts (bots), protecting against brute-force attacks and automated login attempts.
  • Security Enhancement: This additional security measure adds complexity for potential attackers, making automated attacks more challenging and resource-intensive.


Audit and Compliance

  • Regular Security Audits: Conduct frequent security audits to identify and address potential vulnerabilities. Ensure ongoing compliance with relevant industry standards and regulations.
  • Documentation and Records: Maintain comprehensive records of security audits and compliance status.


Backup and Recovery

  • Data Backup: Regularly back up system configurations and data to protect against data loss and ensure quick recovery in case of incidents.
  • Disaster Recovery Plan: Establish and regularly update a disaster recovery plan to manage and mitigate the impact of potential disruptions.


Secure Configuration

  • Initial Setup: Ensure the WP500 is securely configured upon initial setup. Disable any unnecessary services or features to reduce potential vulnerabilities.
  • Ongoing Management: Regularly review and update configurations to maintain a secure operating environment.


Training

  • Customer Training: TAS offers training sessions on WP500 security best practices. For scheduling and arranging training, please contact your account manager.
  • User Awareness: Keep users informed about potential security threats and educate them on best practices for avoiding security risks.
